2FA controller cleanup (#2296)

* Add spec coverage for settings/two_factor_auth area

* extract setup method for qr code

* Move otp required check to before action

* Merge method only used once

* Remove duplicate view

* Consolidate creation of @codes for backup

* Move settings/2fq#recovery_codes to settings/recovery_codes#create

* Rename settings/two_factor_auth#disable to #destroy

* Add coverage for the otp required path on 2fa#show

* Clean up the recovery codes list styles

* Move settings/two_factor_auth to settings/two_factor_authentication

* Reorganize the settings two factor auth area

Updated to use a flow like:

- settings/two_factor_authentication goes to a #show view which has a button
  either enable or disable 2fa on the account
- the disable button turns off the otp requirement for the user
- the enable button cycles the user secret and redirects to a confirmation page
- the confirmation page is a #new view which shows the QR code for user
- that page posts to #create which verifies the code, and creates the recovery
  codes
- that create action shares a view with a recovery codes controller which can be
  used separately to reset codes if needed

config/locales/bg.yml

@@ -139,7 +139,7 @@ bg:
     import: Импортиране
     preferences: Предпочитания
     settings: Настройки
-    two_factor_auth: Двустепенно удостоверяване
+    two_factor_authentication: Двустепенно удостоверяване
   statuses:
     open_in_web: Отвори в уеб
     over_character_limit: прехвърлен лимит от %{max} символа
@@ -155,7 +155,7 @@ bg:
   time:
     formats:
       default: "%d %b, %Y, %H:%M"
-  two_factor_auth:
+  two_factor_authentication:
     description_html: При активация на <strong>двустепенно удостоверяване</strong>, за да влезеш в приложението, ще трябва да използваш телефона си. През него ще се генерира код, който да въвеждаш при влизане.
     disable: Деактивирай
     enable: Активирай

config/locales/en.yml

@@ -277,7 +277,7 @@ en:
     import: Import
     preferences: Preferences
     settings: Settings
-    two_factor_auth: Two-factor Authentication
+    two_factor_authentication: Two-factor Authentication
   statuses:
     open_in_web: Open in web
     over_character_limit: character limit of %{max} exceeded
@@ -293,7 +293,7 @@ en:
   time:
     formats:
       default: "%b %d, %Y, %H:%M"
-  two_factor_auth:
+  two_factor_authentication:
     code_hint: Enter the code generated by your authenticator app to confirm
     description_html: If you enable <strong>two-factor authentication</strong>, logging in will require you to be in possession of your phone, which will generate tokens for you to enter.
     disable: Disable

config/locales/eo.yml

@@ -134,7 +134,7 @@ eo:
     import: Alporti
     preferences: Preferoj
     settings: Agordoj
-    two_factor_auth: Dufaktora aŭtentigo
+    two_factor_authentication: Dufaktora aŭtentigo
   statuses:
     open_in_web: Malfermi retumile
     over_character_limit: limo de %{max} signoj trapasita
@@ -150,7 +150,7 @@ eo:
   time:
     formats:
       default: "%b %d, %Y, %H:%M"
-  two_factor_auth:
+  two_factor_authentication:
     description_html: Se vi ebligas <strong>dufaktoran aŭtentigon</strong>, vi bezonos vian poŝtelefonon por ensaluti, ĉar ĝi kreos nombrojn, kiujn vi devos entajpi.
     disable: Malebligi
     enable: Ebligi

config/locales/es.yml

@@ -139,7 +139,7 @@ es:
     import: Importar
     preferences: Preferencias
     settings: Ajustes
-    two_factor_auth: Autenticación de dos factores
+    two_factor_authentication: Autenticación de dos factores
   statuses:
     open_in_web: Abrir en web
     over_character_limit: Límite de caracteres de %{max} superado
@@ -155,7 +155,7 @@ es:
   time:
     formats:
       default: "%b %d, %Y, %H:%M"
-  two_factor_auth:
+  two_factor_authentication:
     description_html: Sí habilitas la <strong>autenticación de dos factores</strong>, se requerirá estar en posesión de su teléfono, lo que generará tokens para que usted pueda iniciar sesión.
     disable: Deshabilitar
     enable: Habilitar

config/locales/fi.yml

@@ -134,7 +134,7 @@ fi:
     import: Tuo dataa
     preferences: Ominaisuudet
     settings: Asetukset
-    two_factor_auth: Kaksivaiheinen tunnistus
+    two_factor_authentication: Kaksivaiheinen tunnistus
   statuses:
     open_in_web: Avaa webissä
     over_character_limit: sallittu kirjanmäärä %{max} ylitetty
@@ -150,7 +150,7 @@ fi:
   time:
     formats:
       default: "%b %d, %Y, %H:%M"
-  two_factor_auth:
+  two_factor_authentication:
     description_html: Jos otat käyttöön <strong>kaksivaiheisen tunnistuksen</stron>, kirjautumiseen vaaditaan puhelin, joka voi luoda tokeneita kirjautumista varten.
     disable: Poista käytöstä
     enable: Ota käyttöön

config/locales/fr.yml

@@ -273,7 +273,7 @@ fr:
     import: Import de données
     preferences: Préférences
     settings: Réglages
-    two_factor_auth: Identification à deux facteurs (Two-factor auth)
+    two_factor_authentication: Identification à deux facteurs (Two-factor auth)
   statuses:
     open_in_web: Ouvrir sur le web
     over_character_limit: limite de caractères dépassée de %{max} caractères
@@ -289,7 +289,7 @@ fr:
   time:
     formats:
       default: "%d %b %Y, %H:%M"
-  two_factor_auth:
+  two_factor_authentication:
     code_hint: Entrez le code généré par votre application pour confirmer
     description_html: Si vous activez <strong>l'identification à deux facteurs</strong>, vous devrez être en possession de votre téléphone afin de générer un code de connexion.
     disable: Désactiver

config/locales/hr.yml

@@ -136,7 +136,7 @@ hr:
     import: Uvezi
     preferences: Postavke
     settings: Podešenja
-    two_factor_auth: Dvo-faktorska Autentifikacija
+    two_factor_authentication: Dvo-faktorska Autentifikacija
   statuses:
     open_in_web: Otvori na webu
     over_character_limit: prijeđen je limit od %{max} znakova
@@ -152,7 +152,7 @@ hr:
   time:
     formats:
       default: "%b %d, %Y, %H:%M"
-  two_factor_auth:
+  two_factor_authentication:
     description_html: Ako omogućiš <strong>dvo-faktorsku autentifikaciju</strong>, prijavljivanje će zahtjevati da kod sebe imaš svoj mobitel, koji će generirati tokene koje ćeš unijeti.
     disable: Onemogući
     enable: Omogući

config/locales/id.yml

@@ -250,7 +250,7 @@ id:
     import: Impor
     preferences: Pilihan
     settings: Pengaturan
-    two_factor_auth: Autentikasi Two-factor
+    two_factor_authentication: Autentikasi Two-factor
   statuses:
     open_in_web: Buka di web
     over_character_limit: melebihi %{max} karakter
@@ -266,7 +266,7 @@ id:
   time:
     formats:
       default: "%d %b %Y, %H:%M"
-  two_factor_auth:
+  two_factor_authentication:
     code_hint: Masukkan kode yang dibuat oleh app autentikator sebagai konfirmasi
     description_html: Jika anda menaktifkan ototentikasi dua faktor, saat login anda harus menggunakan telepon anda  untuk membuat token supaya anda bisa masuk.
     disable: Matikan

config/locales/io.yml

@@ -276,7 +276,7 @@ io:
     import: Importacar
     preferences: Preferi
     settings: Settings
-    two_factor_auth: Dufaktora autentikigo
+    two_factor_authentication: Dufaktora autentikigo
   statuses:
     open_in_web: Apertar retnavigile
     over_character_limit: limito de %{max} signi ecesita
@@ -292,7 +292,7 @@ io:
   time:
     formats:
       default: "%b %d, %Y, %H:%M"
-  two_factor_auth:
+  two_factor_authentication:
     code_hint: Enter the code generated by your authenticator app to confirm
     description_html: Se tu posibligas <strong>dufaktora autentikigo</strong>, tu bezonos tua poshtelefonilo por enirar, nam ol kreos nombri, quin tu devos enskribar.
     disable: Extingar

config/locales/it.yml

@@ -140,7 +140,7 @@ it:
     import: Importa
     preferences: Preferenze
     settings: Impostazioni
-    two_factor_auth: Autenticazione a Due Fattori
+    two_factor_authentication: Autenticazione a Due Fattori
   statuses:
     open_in_web: Apri sul Web
     over_character_limit: Limite caratteri superato di %{max}
@@ -156,7 +156,7 @@ it:
   time:
     formats:
       default: "%b %d, %Y, %H:%M"
-  two_factor_auth:
+  two_factor_authentication:
     code_hint: Inserisci il codice generato dalla tua app di autenticazione
     description_html: Se abiliti <strong>l'autorizzazione a due fattori</strong>, entrare nel tuo account ti richiederà di avere vicino il tuo telefono, il quale ti genererà un codice per eseguire l'accesso.
     disable: Disabilita

config/locales/ja.yml

@@ -276,7 +276,7 @@ ja:
     import: データのインポート
     preferences: ユーザー設定
     settings: 設定
-    two_factor_auth: 二段階認証
+    two_factor_authentication: 二段階認証
   statuses:
     open_in_web: Webで開く
     over_character_limit: 上限は %{max}文字までです
@@ -292,7 +292,7 @@ ja:
   time:
     formats:
       default: "%Y年%m月%d日 %H:%M"
-  two_factor_auth:
+  two_factor_authentication:
     code_hint: 確認するには認証アプリで表示されたコードを入力してください
     description_html: "<strong>二段階認証</strong>を有効にするとログイン時、電話でコードを受け取る必要があります。"
     disable: 無効

config/locales/nl.yml

@@ -137,7 +137,7 @@ nl:
     import: Import
     preferences: Voorkeuren
     settings: Instellingen
-    two_factor_auth: Tweestapsverificatie
+    two_factor_authentication: Tweestapsverificatie
   statuses:
     open_in_web: Openen in web
     over_character_limit: Limiet van %{max} tekens overschreden
@@ -153,7 +153,7 @@ nl:
   time:
     formats:
       default: "%d %B %J om %U:%M"
-  two_factor_auth:
+  two_factor_authentication:
     description_html: Na het instellen van <strong>tweestapsverificatie</strong>, kun jij je alleen aanmelden als je jouw mobiele telefoon bij je hebt. Hiermee genereer je namelijk de in te voeren aanmeldcode.
     disable: Uitschakelen
     enable: Inschakelen

config/locales/no.yml

@@ -134,7 +134,7 @@
     import: Importér
     preferences: Preferanser
     settings: Innstillinger
-    two_factor_auth: Tofaktorautentisering
+    two_factor_authentication: Tofaktorautentisering
   statuses:
     open_in_web: Åpne i nettleser
     over_character_limit: grense på %{max} tegn overskredet
@@ -150,7 +150,7 @@
   time:
     formats:
       default: "%d, %b %Y, %H:%M"
-  two_factor_auth:
+  two_factor_authentication:
     description_html: Hvis du skrur på <strong>tofaktorautentisering</strong> må du ha din telefon for å logge inn. Denne vil generere koder som du må taste inn.
     disable: Skru av
     enable: Skru på

config/locales/oc.yml

@@ -292,7 +292,7 @@ oc:
     import: Import
     preferences: Preferéncias
     settings: Paramètres
-    two_factor_auth: Autentificacion en dos temps
+    two_factor_authentication: Autentificacion en dos temps
   statuses:
     open_in_web: Dobrir sul web
     over_character_limit: limit de %{max} caractèrs passat
@@ -308,7 +308,7 @@ oc:
   time:
     formats:
       default: "%b %d %Y a %H o %M"
-  two_factor_auth:
+  two_factor_authentication:
     code_hint: Enter the code generated by your authenticator app to confirm
     description_html: S’activatz <strong> l’autentificacion two-factor</strong>, vos
       caldrà vòstre mobil per vos connectar perque generarà un geton per vos daissar

config/locales/pl.yml

@@ -134,7 +134,7 @@ pl:
     import: Importuj dane
     preferences: Preferencje
     settings: Ustawienia
-    two_factor_auth: Uwierzytelnianie dwuetapowe
+    two_factor_authentication: Uwierzytelnianie dwuetapowe
   statuses:
     open_in_web: Otwórz w przeglądarce
     over_character_limit: limit %{max} znaków przekroczony
@@ -150,7 +150,7 @@ pl:
   time:
     formats:
       default: "%b %d, %Y, %H:%M"
-  two_factor_auth:
+  two_factor_authentication:
     description_html: Jeśli włączysz <strong>uwierzytelnianie dwustopniowe</strong>, logowanie się będzie wymagało podania tokenu wyświetlonego na Twoim telefone.
     disable: Wyłącz
     enable: Włącz

config/locales/ru.yml

@@ -267,7 +267,7 @@ ru:
     import: Импорт
     preferences: Настройки
     settings: Опции
-    two_factor_auth: Двухфакторная аутентификация
+    two_factor_authentication: Двухфакторная аутентификация
   statuses:
     open_in_web: Открыть в WWW
     over_character_limit: превышен лимит символов (%{max})
@@ -283,7 +283,7 @@ ru:
   time:
     formats:
       default: "%b %d, %Y, %H:%M"
-  two_factor_auth:
+  two_factor_authentication:
     code_hint: Для подтверждения введите код, сгенерированный приложением аутентификатора
     description_html: При включении <strong>двухфакторной аутентификации</strong>, вход потребует от Вас использования Вашего телефона, который сгенерирует входные токены.
     disable: Отключить

config/locales/zh-CN.yml

@@ -269,7 +269,7 @@ zh-CN:
     export: 数据导出
     preferences: 首选项
     settings: 设置
-    two_factor_auth: 两步认证
+    two_factor_authentication: 两步认证
   statuses:
     # Hey, this is already in a web browser!
     open_in_web: 打开网页
@@ -286,7 +286,7 @@ zh-CN:
   time:
     formats:
       default: "%Y年%-m月%d日 %H:%M"
-  two_factor_auth:
+  two_factor_authentication:
     code_hint: 请输入你认证器产生的代码，以确认设置
     description_html: 当你启用<strong>两步认证</strong>后，你登录时将额外需要使用手机或其他认证器生成的代码。
     disable: 停用

config/locales/zh-HK.yml

@@ -276,7 +276,7 @@ zh-HK:
     import: 匯入
     preferences: 偏好設定
     settings: 設定
-    two_factor_auth: 雙重認證
+    two_factor_authentication: 雙重認證
   statuses:
     open_in_web: 開啟網頁
     over_character_limit: 超過了 %{max} 字的限制
@@ -292,7 +292,7 @@ zh-HK:
   time:
     formats:
       default: "%Y年%-m月%d日 %H:%M"
-  two_factor_auth:
+  two_factor_authentication:
     code_hint: 請輸入你認證器產生的代碼，以確認設定
     description_html: 當你啟用<strong>雙重認證</strong>後，你登入時將需要使你手機、或其他種類認證器產生的代碼。
     disable: 停用

config/locales/zh-TW.yml

@@ -248,7 +248,7 @@ zh-TW:
     import: 匯入
     preferences: 偏好設定
     settings: 設定
-    two_factor_auth: 雙因子認證
+    two_factor_authentication: 雙因子認證
   statuses:
     open_in_web: 以網頁開啟
     over_character_limit: 超過了 %{max} 字的限制
@@ -264,7 +264,7 @@ zh-TW:
   time:
     formats:
       default: "%Y年%-m月%d日 %H:%M"
-  two_factor_auth:
+  two_factor_authentication:
     code_hint: 請輸入您認證器產生的代碼，以進行認證
     description_html: 當您啟用<strong>雙因子認證</strong>後，您登入時將需要使您手機、或其他種類認證器產生的代碼。
     disable: 停用

config/navigation.rb

@@ -8,7 +8,7 @@ SimpleNavigation::Configuration.run do |navigation|
       settings.item :profile, safe_join([fa_icon('user fw'), t('settings.edit_profile')]), settings_profile_url
       settings.item :preferences, safe_join([fa_icon('sliders fw'), t('settings.preferences')]), settings_preferences_url
       settings.item :password, safe_join([fa_icon('cog fw'), t('auth.change_password')]), edit_user_registration_url
-      settings.item :two_factor_auth, safe_join([fa_icon('mobile fw'), t('settings.two_factor_auth')]), settings_two_factor_auth_url, highlights_on: %r{/settings/two_factor_auth}
+      settings.item :two_factor_authentication, safe_join([fa_icon('mobile fw'), t('settings.two_factor_authentication')]), settings_two_factor_authentication_url, highlights_on: %r{/settings/two_factor_authentication}
       settings.item :import, safe_join([fa_icon('cloud-upload fw'), t('settings.import')]), settings_import_url
       settings.item :export, safe_join([fa_icon('cloud-download fw'), t('settings.export')]), settings_export_url
       settings.item :authorized_apps, safe_join([fa_icon('list fw'), t('settings.authorized_apps')]), oauth_authorized_applications_url

config/routes.rb

@@ -58,11 +58,10 @@ Rails.application.routes.draw do
       resources :mutes, only: :index, controller: :muted_accounts
     end
 
-    resource :two_factor_auth, only: [:show, :new, :create] do
-      member do
-        post :disable
-        post :recovery_codes
-      end
+    resource :two_factor_authentication, only: [:show, :create, :destroy]
+    namespace :two_factor_authentication do
+      resources :recovery_codes, only: [:create]
+      resource :confirmation, only: [:new, :create]
     end
   end